Predicate ReflectedXss :: isLocalHeaderDefinition
Holds if the HeaderDefinition header seems to be local.
A HeaderDefinition is local if it dominates exactly one ResponseSendArgument.
Recognizes variants of:
response.writeHead(500, ...);
response.end('Some error');
return;
Import path
import semmle.javascript.security.dataflow.ReflectedXssCustomizations
predicate
isLocalHeaderDefinition
(
HeaderDefinition
header
)